[secdir] Secdir last call review of draft-ietf-spring-segment-routing-mpls-18

Linda Dunbar <Linda.dunbar@huawei.com> Fri, 01 March 2019 00:21 UTC

Return-Path: <Linda.dunbar@huawei.com>
X-Original-To: secdir@ietf.org
Delivered-To: secdir@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 60978130FE5; Thu, 28 Feb 2019 16:21:14 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: Linda Dunbar <Linda.dunbar@huawei.com>
To: <secdir@ietf.org>
Cc: spring@ietf.org, draft-ietf-spring-segment-routing-mpls.all@ietf.org, ietf@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.92.1
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <155139967435.28679.14505997897302676815@ietfa.amsl.com>
Date: Thu, 28 Feb 2019 16:21:14 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/50tXdjK7EmTCELk0GgGg35O6_ec>
Subject: [secdir] Secdir last call review of draft-ietf-spring-segment-routing-mpls-18
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Mar 2019 00:21:15 -0000

Reviewer: Linda Dunbar
Review result: Ready

Reviewer: Linda Dunbar
Review result: Ready

I have reviewed this document as part of the security directorate's ongoing
effort to review all IETF documents being processed by the IESG.  These
comments were written primarily for the benefit of the security area directors.
 Document editors and WG chairs should treat these comments just like any other
last call comments.

The document provides the detailed explanation of SR-MPLS processing in
addition to RFC 8402. Since SR-MPLS are in the trusted domain, it is assumed
that there is no malicious attacks to the nodes for the data plane and control
plane.  RFC8402 already has the good description on the Security Consideration
for both SR-MPLS & SRv6.

Linda Dunbar